Yahoo says 500 million email accounts were exposed in a huge hack that was carried out by a state-sponsored attacker.
If you have a Yahoo email address since 2014, or if you have an old one you haven’t used in a while, you could be affected by the breach.
According to CNET, Yahoo has one billion active monthly users on its services, and 225 million monthly active users for Yahoo Mail. So there is a chance that even if you don’t use Yahoo as your primary email, you have an account lying dormant somewhere.
Whether Yahoo is your main email, a backup or something you signed up for to get access to another Yahoo service, you should check your Yahoo Mail account. That’s how Yahoo is notifying users that they have been targeted.
Change your password
Yahoo is recommending that all users change their passwords if they haven’t done so since 2014. The stolen passwords were encrypted, but a hacker can still get through that.
If you use your Yahoo password on other sites, change them too. Make sure they are different from your new Yahoo password.
You also have to change your security questions as the questions and the answers were compromised in the breach. Users are advised against having the same security questions across multiple sites.
Change all passwords regularly
We tend to have the same password for multiple accounts and not change them. This ensures that we don’t forget our passwords.
But by doing so, we are making our accounts vulnerable to hackers.
Will I lose money?
According to the Financial Times, There was no financial information stolen directly from the Yahoo database, but this does not mean you are covered. You could be an indirect victim of Yahoo’s data breach if you have used the same passwords or security information on your different online accounts.
If you have reused passwords or security answers and questions, particularly for sensitive accounts such as work software and email, or bank accounts, you should create new ones immediately, it said.
“The other danger is that hackers can now send phishing links to your email inbox, or impersonate a banking authority and ask for personal details via email. Both these methods could provide access to your bank account,” the report said.
“Other than a financial risk, there could be an enormous breach of privacy. Anyone who now possesses these details will be able to read Yahoo email correspondence of targeted users, especially if you work for the government or have links to political dissidents and activists.”
Cyber experts also warn that combining stolen information can allow cyber criminals to piece together comprehensive user identities, it added.
The Heat Malaysia Online